Data Integrity and Confidentiality at Risk: File Replacement Vulnerability Affects Several Devices
CVE-2024-54099

7.1HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 12 December 2024

Summary

A file replacement vulnerability exists in various Huawei devices, allowing unauthorized modification of files. Successful exploitation could compromise the integrity and confidentiality of sensitive information stored on affected devices. This vulnerability underscores the importance of implementing robust security measures to protect against unauthorized file manipulations.

Affected Version(s)

EMUI 14.0.0

EMUI 13.0.0

HarmonyOS 4.2.0

References

https://consumer.huawei.com/en/support/bulletin/2024/12/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2024
Vulnerability Reserved
Nov 29, 2024